@Mr. Goldstein
December 4, 2021
Start the development of a bug bounty program on https://immunefi.com/explore/ to increase protocol security, decrease bugs, and reduce chances of exploits Current program should apply only for V1 and V1.1. V2.0 bug bounty program should start only after the protocol audit. Allocate 50 ETH (<1%) of the treasury towards potential payouts. Detailed bounties will be designed upon the initial program approval and proposed within 2 governance cycles.
Start a new bug bounty program. All bounties values will be represented in USD and scaled based on the Immunefi severity Classification System.
Code security.
Currently there is no formal bug bounty program. With over $80M residing in the JBX Smart Contracts, if a bug is found it is likely to get exploited. Formalizing a program will help improve the Smart Contract security through independent researcher validation.
No changes, additional work is required to create and track the program.
Adding a bug bounty program increases protocol visibility with the researcher community.
See This Proposal on IPFS: https://gateway.pinata.cloud/ipfs/QmVXAcXENaACCwXzgnNS9k89jedfA5Yvs4VEkF7bx1meWP
Link to Discussion Thread: https://discord.com/channels/775859454780244028/919813435821293569/921823521708064848
Link to Proposal on Notion: https://www.notion.so/juicebox/JBX-Bug-Bounty-18cf1b7d1c8c426fa0753163f59adbc4